If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

And how do you ban? By nickname or IP or both? Every board has it's trolls, we have a bucket full here. They get banned, come back and get banned again (and so on and so on). I am not sure your going to be able to rid yourself of this troll (some are very determined) unless you can find his/her location. Did you check the header records of any of the infected emails (or do the viruses just get delivered via IM).

Cheers:

/Edit
Sorry darl'in, I got to go for now, meeting with my lawyers (don't ask). I am sure someone else here will pick-up on this thread and hopefully be of some help (tiger...you out there?). If, not I'll be back tomorrow and try to help (no guarantees ).

2. The "virus" attacks AV software: This is pretty sophisticated considering most AV software is protected within the system.

3. NAV picked up one of the recent attempts to infect: If NAV picked it up on anything but the "Bloodhound Technology" then it is a known virus.

This all points to this person simply sending out a known virus and your users not having appropriately updated AV software. This is hardly unusual no matter how much they protest that it is.

You are in the classic situation of providing a _public_ service and having a malcontent screwing with you. You could block all the AOL netblocks but that will both kill your current users that come from AOL and it will not stop your little malcontent because he may be using someone elses computer as a zombie to enter through AOL... He could be on any ISP in the world - he could be using his local library....

Your only real course of action is to point out that hedgehog care does not require the transmittal of files - especially executables - between the users and as such _any_ file sent by anyone on the board must be considered suspect and deleted without opening it.

By the simple nature of the system you run you cannot stop him unless you can get him arrested. Since it will be extremely difficult for you to be able to show greater than $5000 loss to any individual or to the board itself law enforcement probably won't help you - unless you have a hedgehog keeping LEO on the board that would go to bat for you and convince someone that the aggregate cost exceeds $5000 - then you might be able to get them involved and track him for you....

I'm afraid that no matter how much information you show us here it is really not feasible for anyone here to be able to help you with the lag time in messages, (real time would be needed).

Don\'t SYN us.... We\'ll SYN you..... \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

&lt;sigh&gt; That's what I had figured...kinda like teens who steal all the straws/napkins at McDonalds...until you (1) catch them doing it and (2) prove it's valued at $X...not a damned thing you can do but refill the straw/napkin dispensers.

What I was really hoping to find out is if he was on a small enough ISP to call. AOHell isn't going to be of help (and thanks for that ph#...just not the right amount of damages here). There's 4 of us who are in essence stalking all newbies on our board to make sure they behave. At some point, I feel "ok" about them and quit "moderating" their posts. The thing is, he's keeping his ID close, and posting very little (if at all).

It's the attacks via IM (AIM, MSMessenger, Yahoo!) that have us concerned. He's sniping certain members, and then sending viri via a chat window. And that there's a common thread: all members of CnQ who have gone head-to-head with the original 2 IDs (hitoll and hedgiemommie). I guess I'm wanting to lash out in frustration after 3+ weeks of this hell.

I could be game...but with Starband.net as my provider, they are trapping anything coming through before I even see it. And my alternate accounts are on gmail...I'm sure they are just making viri mail disappear.

No spaces in either of them and my virus program can't remove them but says it has
stopped them from accessing my computer.

The other 3 are security risks.

MediaAcc.dll -&gt; (UPX) named W32/Windu.F

MediaAccess.exe -&gt;(UPX) same name as above W32/Windu.F

MediaAcck.exe -&gt;(UPX) Security risk W32/Windu.D

The virus program deleted them.

This second one came over msn from a Chad Cortese who is TucknRoll on here. Chad
hasn't got hedgies, I have his, so he doesn't come on anymore but I wonder if this
is coincidence that it came from another CnQ member. Ok, I'm getting paranoid.
lol

We went to the computer store where we got the computer and the guy there looked up
the two top ones and said they are nasty and partly undetectable which is why the
virus program can't delete them.

My husband went on some sites and they said they are low risk and easily removed.
Ya right, that's why I can't remove them. ARGHHHHH

It would be interesting to know which one Tawana got as she must be having real
problems.

I was talking to Blueberrybuds, Yeah I know unbelievable, lol She said she is
having wierd issues with her computer. She also said Hitol has told her he is
badmouthing her all over.

I have the horrible feeling that this isn't so much an attack as a viral infection amongst the members of the group....

Can you give any evidence to the contrary?

Don\'t SYN us.... We\'ll SYN you..... \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Advertiser Disclosure:
Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.